Short Description

TEFCA Facilitated FHIR

Long Description

Testing of the TEFCA Facilitated FHIR Implementation Guide including UDAP, Provenance and related policy

Type

Test a FHIR-related specification

Related Tracks?


Call for participants

QHINs and potential TEFCA Participants and Sub Participants

Track Prerequisites


Track Lead(s)

David Pyke Bill Mehegan

Track Lead Email(s)

dpyke@ainq.com, bmehegan@carequality.org

Specification Information

rce.sequoiaproject.org/wp-content/uploads/2022/12/TEFCA-Facilitated-FHIR-ImplementationGuide-Draft-2-Pilot-Version.pdf

rce.sequoiaproject.org/RCEIG/output/index.html

Zulip stream

https://chat.fhir.org/#narrow/stream/378320-TEFCA-FHIR

Track Kick off Call

April 27, 3pm ET (Teams meeting)

Join on your computer, mobile app or room device

Click here to join the meeting

Meeting ID: 293 362 054 448
Passcode: ovT3hr


Testing Scenario:

 Testing Scenarios:


1.) The FHIR Query Initiator discovers the endpoints associated with each Responding Actor it wants to transact with using FHIR


2.) the FHIR Query Initiator registers a client with the Responding Actor’s Authorization Server


3.) The FHIR Query Initiator requests an access token following the Oauth 2.0 Authorization Code


Grant flow (per Section 5.2.4 of the TEFCA FHIR IG) or Client Credentials flow (per Section 5.2.5 of TEFCA FHIR IG) Business-to-business (B2B) applications can use either the Authorization Code Grant flow or Client Credentials flow. Consumer-facing applications must use the Authorization Code Grant flow


4.) Post Conditions: The FHIR Query Initiator has obtained requested FHIR resources from the Responding Actor


Actors:


TEFCA DEV Directory
  • FHIR Server with Server Metadata to be added
  • Directory read/write access for participants
  • Auth server with UDAP JWT-based client authentication + trust policy logic (validating requestor's certificate etc.) for writes and sensitive data access


Organization A - UDAP FHIR Client (Requestor)

  • Client capable of UDAP Tiered OAuth, UDAP Dynamic Client Registration, UDAP JWT-based Authentication + trust policy logic to validate responder's Server Metadata
  • Requests FHIR data
  • Certificate


Organization B - UDAP FHIR Server (Responder)

  • UDAP Server Metadata
  • Implements Server side of UDAP Dynamic Client Registration and UDAP JWT-Based Authentication including trust policy logic and matching capability
  • Registration server
  • Auth server
  • Token endpoint
  • Certificate

Breakout Topics:

  • Auth Scopes
  • Potential Gaps in IG
  • Other Auth flows to test
  • Patient Matching
  • Provenance